Abstract
The exponential rise in the usage of the internet and challenges necessitates the importance and use of the Domain Naming System (DNS). Despite the benefits, DNS is susceptible to abuse which calls for appropriate security solutions against such abuse.
Introduction
A report by the Internet World Stats (1) on the internet usage statistics based on ITU data shows that by March 2013, over 2,749 million users had visited the internet, and were actively involved in browsing the internet. The report details the usage characteristics of the internet based on the gender divide of men and women in the developed and developing world. Research shows that the visitors on the internet do not know that access is enabled through a domain name system, making access to any information among millions of records possible. Without the domain naming system, it could be impossible for the users to trace millions of hosts using IP addresses (Internet World Stats 1). In this case, the number of DNS records consisting of updated records shown by the number of chunks provides the basis for showing the downloaded malicious code by the regular index chunk is indicated by the number of chunks.
According to Aitchinson (36), DNS is an abbreviation for Domain Name System, which provides a hierarchical framework for translating internet domain names and hostnames to Internet Protocol (IP) addresses. The system allows applications to function using names such as Google.com by replacing difficult to remember IP addresses (Aitchinson 36).
The importance of DNS was to address the need for load balancing by spreading the operational loads across servers, controls the order of RRs, balancing mails and FTP services, and enables the delegation of the administration of name servers (Aitchinson 201). With the resolution and mapping of IP addresses and domain names, it has become easy to access the internet without the need to remember IP addresses (Aitchinson 207). The DNS system responds to recursive, iterative, or inverse queries from local or remote servers (Aitchinson 73).
Research by Anderson (1) of a quantitative and qualitative analysis of the number of DNS queries between 2004 July, 11 and 2013, July, 13 to be 8,614,652 daily respectively shows a significant number of queries as shown from the statistics are processed daily (Anderson 1).
According to Aitchinson (40), DNS abuses include the use of restricted services by an unauthenticated host, evading captive portals, co-operate espionage, malware, evading network policies and rules, and abusing slack space. DNS tunneling abuse includes DDoS attacks, evading captive portals, Advanced Persistent Threat (APT), command and control, and data exfiltration. However, good uses include the provision of capabilities to add security layers to the DKIM and SPF protocols. Avoidance of the abuse is done through the verification of the digital signatures by the client computer, countering the possibility of compromise by a man-in-the-middle attack. Also, a DES encryption and decryption ensures further security in a DNS query response cycle (Aitchinson 209).
Conclusion
The Domain Name System (DNS) is a naming system for translating IP addresses into domain names and vice versa in a hierarchical system. Domain tunneling involves encapsulating IP and upstream traffic and the use of records. The limitations include the requirement for encoding the upstream traffic with base32 encoded. DNS tunneling provides an effective mechanism for bypassing firewalls.
Works Cited
Aitchinson, Ronald, G.f. Pro DNS and BIND, New York: Press, 2011.
Anderson, Joshua, DNS Query Stats 2013. Web.
Internet World Stats 2013. Web.